Giters

1Password / connect-helm-charts

Official 1Password Helm Charts

Home Page:https://developer.1password.com

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Duplicate secret causing pod restart loop

hlx-a1 opened this issue · comments

commented

Your environment

Chart Version: 1.15.0

Helm Version: 3.15.4

Kubernetes Version: v1.29.4+k3s1

What happened?

The presence of a duplicate secret in a 1P vault caused a container that mounted one of the copies to be trapped in a restart loop every 3 minutes. This happened because every 3 minutes, the 1P connect operator polled the 1P server, falsely detecting an update, and scaling the app down and up from 0 replicas.

What did you expect to happen?

I would expect the container to not be restarted if none of the secrets it mounts have changed. Note: we have operator.1password.io/auto-restart=true per OnePasswordItem.

Steps to reproduce

  1. Create a OnePasswordItem with operator.1password.io/auto-restart=true
  2. Create a deployment that mounts it
  3. Duplicate the entry that the OnePasswordItem references
  4. The deployment should be scaled down to 0 and back up every polling interval

Notes & Logs